pem_entry_encode(Asn1Type, Entity) -> pem_entry()

The Erlang representation of
Asn1Type. If Asn1Type is 'SubjectPublicKeyInfo'
then Entity must be either an rsa_public_key() or a
dsa_public_key() and this function will create the appropriate
'SubjectPublicKeyInfo' entry.

encrypt_public(PlainText, Key) -> binary()

Decodes an ASN.1 der encoded pkix certificate. The otp option
will use the customized ASN.1 specification OTP-PKIX.asn1 for
decoding and also recursively decode most of the standard
parts.

pkix_encode(Asn1Type, Entity, otp | plain) -> der_encoded()

Asn1Type = atom()

The ASN.1 type can be 'Certificate', 'OTPCertificate' or a subtype of either .

Der encodes a pkix x509 certificate or part of such a
certificate. This function must be used for encoding certificates or parts of certificates
that are decoded/created in the otp format, whereas for the plain format this
function will directly call der_encode/2.

pkix_is_issuer(Cert, IssuerCert) -> boolean()

Cert = der_encode() | #'OTPCertificate'{}

IssuerCert = der_encode() | #'OTPCertificate'{}

Checks if IssuerCert issued Cert

pkix_is_fixed_dh_cert(Cert) -> boolean()

Cert = der_encode() | #'OTPCertificate'{}

Checks if a Certificate is a fixed Diffie-Hellman Cert.

pkix_is_self_signed(Cert) -> boolean()

Cert = der_encode() | #'OTPCertificate'{}

Checks if a Certificate is self signed.

pkix_issuer_id(Cert, IssuedBy) -> {ok, IssuerID} | {error, Reason}

Cert = der_encode() | #'OTPCertificate'{}

IssuedBy = self | other

IssuerID = {integer(), {rdnSequence, [#'AttributeTypeAndValue'{}]}}

The issuer id consists of the serial number and the issuers name.

Reason = term()

Returns the issuer id.

pkix_normalize_name(Issuer) -> Normalized

Issuer = {rdnSequence,[#'AttributeTypeAndValue'{}]}

Normalized = {rdnSequence, [#'AttributeTypeAndValue'{}]}

Normalizes a issuer name so that it can be easily
compared to another issuer name.

pkix_verify(Cert, Key) -> boolean()

sign(Msg, DigestType, Key) -> binary()

The msg is either the binary "plain text" data to be
signed or it is the hashed value of "plain text" i.e. the
digest.

DigestType = rsa_digest_type() | dss_digest_type()

Key = rsa_private_key() | dsa_private_key()

Creates a digital signature.

ssh_decode(SshBin, Type) -> [{public_key(), Attributes::list()}]

SshBin = binary()

Example {ok, SshBin} = file:read_file("known_hosts").

Type = public_key | ssh_file()

If Type is public_key the binary may be either
a rfc4716 public key or a openssh public key.

Decodes a ssh file-binary. In the case of know_hosts or
auth_keys the binary may include one or more lines of the
file. Returns a list of public keys and their attributes, possible
attribute values depends on the file type represented by the
binary.